<?php
    header("content-type:text/html;charset=utf-8");
    session_start();
    $config = include_once('../../public/config/config.php');
    include_once('../../public/func/db.php');
    $pwdpattern = "/^[a-z\d]{8,16}$/i";
    $res = select($config,'user');
    if($_POST['pwd'] != $_SESSION['pwd']){
        die("<script>alert('原密码输入错误！');window.location.href='/home/login/updatepwd.php'</script>");
    }else if(!preg_match($pwdpattern,$_POST['nowpwd'])){
        die("<script>alert('新密码不符合数据类型！');window.location.href='/home/login/updatepwd.php'</script>");
    }else{
        foreach ($res as $k => $v) {
            if($v['uname'] = $_SESSION['uname']){
                $v['pwd'] = md5($_POST['nowpwd']);
                update($config,'user',$v);
                die("<script>alert('密码修改成功！');window.location.href='/home/login/login.php'</script>");
            }
        }
    }
?>